<?php
    require_once('database.php');
    require_once('configu.php');

    $usr = $_POST["usr"];
    $pass = md5($_POST["pass"]);

	//echo "$usr, $pass<br/>";
    $result=database::query("SELECT username,password,blocked,role FROM user WHERE username='$usr' AND password='$pass'");
	//print_r($result);
    $rows=mysql_fetch_array($result);
	//print_r($rows);
    
    $ruser=$rows['username'];
    $rpass=$rows['password'];
	$boleh = ($rows['blocked'] == 0);
    if((isset ($ruser)) && (isset ($rpass)))
    {
		if (!$boleh)
			die("username anda sedang di-blok");
		else
		{
			session_start();
			$_SESSION['username'] = $ruser;
			$_SESSION['role'] = $rows['role'];
			header("Location: ".$CFG->url."fts.php");
		}
    }
    else
    {
        die("username dan password tidak valid!\n");
    }
    
?>
